A role-based access control model for information mediation

Li Yang, Raimund K. Ege, Onyeka Ezenwoye, Qasem Kharma

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Scopus citations

Abstract

With the increasing demands for data integration and exchange among distributed heterogeneous sources, many applications require secure interoperation and the information sharing. Mediation techniques provide an extended amalgamation of searching and querying in heterogeneous systems, but enlarge the space of possible threats to local data sources. How to encourage data sharing while enforce required protection to resources is a challenging problem. Traditional access control mechanisms and methods are inadequate to reflect the heterogeneous environment and the flexible access control requirements. This paper presents a mediation security architecture for information integration based on role-based access control (RBAC). An adorned XML model (AXM) is used to homogenize security data modeling. Security requirements of mediation systems are specified by constraints over various RBAC dimensions. An incremental security enforcement method is proposed to integrate RBAC modules into the mediation architecture. The method supports adaptive and scalable design of secure mediation systems.

Original languageEnglish (US)
Title of host publicationProceedings of the 2004 IEEE International Conference on Information Reuse and Integration, IRI-2004
EditorsA.M. Memon, N. Zhao
Pages277-282
Number of pages6
Publication statusPublished - Dec 1 2004
Externally publishedYes
EventProceedings of the 2004 IEEE International Conference on Information Reuse and Integration, IRI-2004 - Las Vegas, NV, United States
Duration: Nov 8 2004Nov 10 2004

Other

OtherProceedings of the 2004 IEEE International Conference on Information Reuse and Integration, IRI-2004
CountryUnited States
CityLas Vegas, NV
Period11/8/0411/10/04

    Fingerprint

Keywords

  • Mediation system
  • Role-based access control
  • Security

ASJC Scopus subject areas

  • Engineering(all)

Cite this

Yang, L., Ege, R. K., Ezenwoye, O., & Kharma, Q. (2004). A role-based access control model for information mediation. In A. M. Memon, & N. Zhao (Eds.), Proceedings of the 2004 IEEE International Conference on Information Reuse and Integration, IRI-2004 (pp. 277-282)